mirror of
https://github.com/bitnami/charts.git
synced 2026-03-16 06:47:30 +08:00
5b34d26bef
* [github-actions] Add index-monitor action Signed-off-by: Miguel Ruiz <miguel.ruiz@broadcom.com> * Update index branch Signed-off-by: Miguel Ruiz <miguel.ruiz@broadcom.com> * Add permissions content: read Signed-off-by: Miguel Ruiz <miguel.ruiz@broadcom.com> --------- Signed-off-by: Miguel Ruiz <miguel.ruiz@broadcom.com>
121 lines
4.6 KiB
YAML
121 lines
4.6 KiB
YAML
name: '[Index] Monitor remote index.yaml'
|
|
|
|
on:
|
|
schedule:
|
|
# Every 10 minutes
|
|
- cron: '*/10 * * * *'
|
|
|
|
# Remove all permissions by default
|
|
permissions: {}
|
|
|
|
jobs:
|
|
integrity-check:
|
|
name: Compare the index.yaml checksums remote and locally
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
outputs:
|
|
result: ${{ steps.integrity-check.outputs.result }}
|
|
steps:
|
|
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
|
|
with:
|
|
ref: 'index'
|
|
- name: Check index integrity
|
|
id: integrity-check
|
|
run: |
|
|
status="fail"
|
|
attempts=0
|
|
# We want to check for consistent failures
|
|
# To do so, we will look for 3 consecutive failures with a 30 seconds wait
|
|
# A single success is enough to pass
|
|
while [[ "${status}" != "ok" && $attempts -lt 3 ]]; do
|
|
# Check the index.yaml integrity
|
|
REMOTE_MD5=($(curl -Ls https://charts.bitnami.com/bitnami/index.yaml | md5sum))
|
|
REPOSITORY_MD5=($(md5sum bitnami/index.yaml))
|
|
# Compare the index.yaml checksums remote and locally
|
|
if [[ "${REPOSITORY_MD5[0]}" == "${REMOTE_MD5[0]}" ]]; then
|
|
status='ok'
|
|
else
|
|
attempts=$((attempts+1))
|
|
echo "Integrity check failed. Remote checksum '${REMOTE_MD5[0]}' does not match expected '${REPOSITORY_MD5[0]}'";
|
|
# Refresh the 'index' branch in case it was updated
|
|
git fetch origin index
|
|
git reset --hard origin/index
|
|
# Wait 30 seconds
|
|
sleep 30
|
|
fi
|
|
done
|
|
echo "result=${status}" >> $GITHUB_OUTPUT
|
|
- name: Show messages
|
|
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea
|
|
with:
|
|
script: |
|
|
if ("${{ steps.integrity-check.outputs.result }}" != "ok" ) {
|
|
core.setFailed("Integrity check failed");
|
|
} else {
|
|
core.info("Integrity check succeeded")
|
|
}
|
|
validation-check:
|
|
name: Validate the helm repository can be added and updated
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
outputs:
|
|
result: ${{ steps.validation-check.outputs.result }}
|
|
steps:
|
|
- name: Install helm
|
|
run: |
|
|
HELM_TARBALL="helm-v3.8.1-linux-amd64.tar.gz"
|
|
curl -SsLfO "https://get.helm.sh/${HELM_TARBALL}" && sudo tar xf "$HELM_TARBALL" --strip-components 1 -C /usr/local/bin
|
|
- name: Validate helm repository
|
|
id: validation-check
|
|
run: |
|
|
repo="https://charts.bitnami.com/bitnami"
|
|
status="fail"
|
|
attempts=0
|
|
# We want to check for consistent failures
|
|
# To do so, we will look for 3 consecutive failures with a 30 seconds wait
|
|
# A single success is enough to pass
|
|
while [[ "${status}" != "ok" && $attempts -lt 3 ]]; do
|
|
# Validates the helm repository can be added and updated
|
|
if helm repo add bitnami "${repo}" && helm repo update bitnami; then
|
|
status="ok"
|
|
else
|
|
attempts=$((attempts+1))
|
|
echo "Failed to pull charts from helm repository '${repo}'"
|
|
# If present, remove repository to allow retries
|
|
if helm repo list | grep -q bitnami; then
|
|
helm repo remove bitnami
|
|
fi
|
|
# Wait 30 seconds
|
|
sleep 30
|
|
fi
|
|
done
|
|
echo "result=${status}" >> $GITHUB_OUTPUT
|
|
- name: Show messages
|
|
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea
|
|
with:
|
|
script: |
|
|
if ("${{ steps.validation-check.outputs.result }}" != "ok" ) {
|
|
core.setFailed("Validation check failed");
|
|
} else {
|
|
core.info("Validation check succeeded")
|
|
}
|
|
upload:
|
|
name: Re-upload index.yaml
|
|
needs: [validation-check, integrity-check]
|
|
if: ${{ always() && (needs.validation-check.outputs.result != 'ok' || needs.integrity-check.outputs.result != 'ok') }}
|
|
uses: bitnami/charts/.github/workflows/sync-chart-cloudflare-index.yml@index
|
|
secrets: inherit
|
|
permissions:
|
|
contents: read
|
|
notify:
|
|
name: Send notification
|
|
needs: [validation-check, integrity-check]
|
|
if: ${{ always() && (needs.validation-check.outputs.result != 'ok' || needs.integrity-check.outputs.result != 'ok') }}
|
|
uses: bitnami/charts/.github/workflows/gchat-notification.yml@main
|
|
with:
|
|
workflow: ${{ github.workflow }}
|
|
job-url: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
|
|
secrets: inherit
|